The version of MySQL running on the remote host is 5.7.x prior to 5.7.16. It is, therefore, affected by multiple vulnerabilities :

  - Multiple integer overflow conditions exist in s3_srvr.c,     ssl_sess.c, and t1_lib.c due to improper use of pointer     arithmetic for heap-buffer boundary checks. An     unauthenticated, remote attacker can exploit this to     cause a denial of service. (CVE-2016-2177)

  - An information disclosure vulnerability exists in the     dsa_sign_setup() function in dsa_ossl.c due to a failure     to properly ensure the use of constant-time operations.
    An unauthenticated, remote attacker can exploit this,     via a timing side-channel attack, to disclose DSA key     information. (CVE-2016-2178)

  - A denial of service vulnerability exists in the DTLS     implementation due to a failure to properly restrict the     lifetime of queue entries associated with unused     out-of-order messages. An unauthenticated, remote     attacker can exploit this, by maintaining multiple     crafted DTLS sessions simultaneously, to exhaust memory.
    (CVE-2016-2179)

  - An out-of-bounds read error exists in the X.509 Public     Key Infrastructure Time-Stamp Protocol (TSP)     implementation. An unauthenticated, remote attacker can     exploit this, via a crafted time-stamp file that is     mishandled by the 'openssl ts' command, to cause     denial of service or to disclose sensitive information.
    (CVE-2016-2180)

  - A denial of service vulnerability exists in the     Anti-Replay feature in the DTLS implementation due to     improper handling of epoch sequence numbers in records.
    An unauthenticated, remote attacker can exploit this,     via spoofed DTLS records, to cause legitimate packets to     be dropped. (CVE-2016-2181)

  - An overflow condition exists in the BN_bn2dec() function     in bn_print.c due to improper validation of     user-supplied input when handling BIGNUM values. An     unauthenticated, remote attacker can exploit this to     crash the process. (CVE-2016-2182)

  - A vulnerability exists, known as SWEET32, in the 3DES     and Blowfish algorithms due to the use of weak 64-bit     block ciphers by default. A man-in-the-middle attacker     who has sufficient resources can exploit this     vulnerability, via a 'birthday' attack, to detect a     collision that leaks the XOR between the fixed secret     and a known plaintext, allowing the disclosure of the     secret text, such as secure HTTPS cookies, and possibly     resulting in the hijacking of an authenticated session.
    (CVE-2016-2183)

  - An unspecified flaw exists in the Security: Encryption     subcomponent that allows an authenticated, remote     attacker to disclose sensitive information.
    (CVE-2016-5584)

  - A flaw exists in the tls_decrypt_ticket() function in     t1_lib.c due to improper handling of ticket HMAC     digests. An unauthenticated, remote attacker can exploit     this, via a ticket that is too short, to crash the     process, resulting in a denial of service.
    (CVE-2016-6302)

  - An integer overflow condition exists in the     MDC2_Update() function in mdc2dgst.c due to improper     validation of user-supplied input. An unauthenticated,     remote attacker can exploit this to cause a heap-based     buffer overflow, resulting in a denial of service     condition or possibly the execution of arbitrary code.
    (CVE-2016-6303)

  - A flaw exists in the ssl_parse_clienthello_tlsext()     function in t1_lib.c due to improper handling of overly     large OCSP Status Request extensions from clients. An     unauthenticated, remote attacker can exploit this, via     large OCSP Status Request extensions, to exhaust memory     resources, resulting in a denial of service condition.
    (CVE-2016-6304)

  - An out-of-bounds read error exists in the certificate     parser that allows an unauthenticated, remote attacker     to cause a denial of service via crafted certificate     operations. (CVE-2016-6306)

  - A flaw exists in the check_log_path() function within     file sql/sys_vars.cc due to inadequate restrictions on     the ability to write to the my.cnf configuration file     and allowing the loading of configuration files from     path locations not used by current versions. An     authenticated, remote attacker can exploit this issue     by using specially crafted queries that utilize logging     functionality to create new files or append custom     content to existing files. This allows the attacker to     gain root privileges by inserting a custom .cnf file     with a 'malloc_lib=' directive pointing to specially     crafted mysql_hookandroot_lib.so file and thereby cause     MySQL to load a malicious library the next time it is     started. (CVE-2016-6662)

  - A flaw exists in wolfSSL, specifically within the C     software version of AES Encryption and Decryption, due     to table lookups not properly considering cache-bank     access times. A local attacker can exploit this, via a     specially crafted application, to disclose AES keys.
    (CVE-2016-7440)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of IBM BigFix Remote Control running on the remote host is prior to 9.1.3. It is, therefore, affected by the multiple vulnerabilities :

  - Multiple integer overflow conditions exist in the     bundled version of OpenSSL in files s3_srvr.c,     ssl_sess.c, and t1_lib.c due to improper use of pointer     arithmetic for heap-buffer boundary checks. An     unauthenticated, remote attacker can exploit this to     cause a denial of service. (CVE-2016-2177)

  - An information disclosure vulnerability exists in the     bundled version of OpenSSL in the dsa_sign_setup()     function in dsa_ossl.c due to a failure to properly     ensure the use of constant-time operations. An     unauthenticated, remote attacker can exploit this, via a     timing side-channel attack, to disclose DSA key     information. (CVE-2016-2178)

  - A vulnerability exists, known as SWEET32, in the bundled     version of OpenSSL in the 3DES and Blowfish algorithms     due to the use of weak 64-bit block ciphers by default.
    A man-in-the-middle attacker who has sufficient     resources can exploit this vulnerability, via a     'birthday' attack, to detect a collision that leaks the     XOR between the fixed secret and a known plaintext,     allowing the disclosure of the secret text, such as     secure HTTPS cookies, and possibly resulting in the     hijacking of an authenticated session. (CVE-2016-2183)

  - An information disclosure vulnerability exists due to     the inclusion of sensitive information in error logs. An     authenticated, remote attacker can exploit this to     disclose information. (CVE-2016-2928)

  - An information disclosure vulnerability exists due to     the transmission of information in cleartext. A     man-in-the-middle attacker can exploit this to disclose     sensitive information. (CVE-2016-2931)

  - An unspecified flaw exists that allows an     unauthenticated, remote attacker to inject arbitrary XML     content. (CVE-2016-2932)

  - An information disclosure vulnerability exists due to a     flaw that allows traversing outside of a restricted     path. An authenticated, remote attacker can exploit     this, via a specially crafted request, to disclose     arbitrary files. (CVE-2016-2933)

  - A cross-site scripting (XSS) vulnerability exists due to     improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit this, via a     specially crafted request, to execute arbitrary script     code in a user's browser session. (CVE-2016-2934)

  - An unspecified flaw exists that allows an     unauthenticated, remote attacker to submit invalid HTTP     requests, resulting in a denial of service condition for     the broker application. (CVE-2016-2935)

  - An information disclosure vulnerability exists due to     the storage of information in log files in plaintext. A     local attacker can exploit this to disclose sensitive     information. (CVE-2016-2943)

  - A flaw exists in the bundled version of OpenSSL in the     ssl_parse_clienthello_tlsext() function in t1_lib.c due     to improper handling of overly large OCSP Status Request     extensions from clients. An unauthenticated, remote     attacker can exploit this, via large OCSP Status Request     extensions, to exhaust memory resources, resulting in a     denial of service condition. (CVE-2016-6304)

  - An out-of-bounds read error exists the bundled version     of OpenSSL in the certificate parser that allows an     unauthenticated, remote attacker to cause a denial of     service via crafted certificate operations.
    (CVE-2016-6306)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Oracle Enterprise Manager Grid Control installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities :

  - Multiple integer overflow conditions exist in the     OpenSSL component in s3_srvr.c, ssl_sess.c, and t1_lib.c     due to improper use of pointer arithmetic for     heap-buffer boundary checks. An unauthenticated, remote     attacker can exploit this to cause a denial of service     condition. (CVE-2016-2177)

  - An information disclosure vulnerability exists in the     OpenSSL component in dsa_sign_setup() function in     dsa_ossl.c due to a failure to properly ensure the use     of constant-time operations. An unauthenticated, remote     attacker can exploit this, via a timing side-channel     attack, to disclose DSA key information. (CVE-2016-2178)

  - A denial of service vulnerability exists in the OpenSSL     component in the DTLS implementation due to a failure to     properly restrict the lifetime of queue entries     associated with unused out-of-order messages. An     unauthenticated, remote attacker can exploit this, by     maintaining multiple crafted DTLS sessions     simultaneously, to exhaust memory. (CVE-2016-2179)

  - An out-of-bounds read error exists in the OpenSSL     component in the X.509 Public Key Infrastructure     Time-Stamp Protocol (TSP) implementation. An     unauthenticated, remote attacker can exploit this, via a     crafted time-stamp file that is mishandled by the     'openssl ts' command, to cause denial of service or to     disclose sensitive information. (CVE-2016-2180)

  - A denial of service vulnerability exists in the OpenSSL     component in the Anti-Replay feature in the DTLS     implementation due to improper handling of epoch     sequence numbers in records. An unauthenticated, remote     attacker can exploit this, via spoofed DTLS records, to     cause legitimate packets to be dropped. (CVE-2016-2181)

  - An overflow condition exists in the OpenSSL component in     the BN_bn2dec() function in bn_print.c due to improper     validation of user-supplied input when handling BIGNUM     values. An unauthenticated, remote attacker can exploit     this to crash the process. (CVE-2016-2182)

  - A vulnerability exists in the OpenSSL component, known     as SWEET32, in the 3DES and Blowfish algorithms due to     the use of weak 64-bit block ciphers by default. A     man-in-the-middle attacker who has sufficient resources     can exploit this vulnerability, via a 'birthday' attack,     to detect a collision that leaks the XOR between the     fixed secret and a known plaintext, allowing the     disclosure of the secret text, such as secure HTTPS     cookies, and possibly resulting in the hijacking of an     authenticated session. (CVE-2016-2183)

  - A denial of service vulnerability exists in the Apache     Commons FileUpload component due to improper handling of     boundaries in content-type headers when handling file     upload requests. An unauthenticated, remote attacker can     exploit this to cause processes linked against the     library to become unresponsive. (CVE-2016-3092)

  - A flaw exists in the OpenSSL component in the     tls_decrypt_ticket() function in t1_lib.c due to     improper handling of ticket HMAC digests. An     unauthenticated, remote attacker can exploit this, via a     ticket that is too short, to crash the process,     resulting in a denial of service. (CVE-2016-6302)

  - An integer overflow condition exists in the OpenSSL     component in the MDC2_Update() function in mdc2dgst.c     due to improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit this to     cause a heap-based buffer overflow, resulting in a     denial of service condition or possibly the execution of     arbitrary code. (CVE-2016-6303)

  - A flaw exists in the OpenSSL component in the     ssl_parse_clienthello_tlsext() function in t1_lib.c due     to improper handling of overly large OCSP Status Request     extensions from clients. An unauthenticated, remote     attacker can exploit this, via large OCSP Status Request     extensions, to exhaust memory resources, resulting in a     denial of service condition. (CVE-2016-6304)

  - A flaw exists in the OpenSSL component in the SSL_peek()     function in rec_layer_s3.c due to improper handling of     empty records. An unauthenticated, remote attacker can     exploit this, by triggering a zero-length record in an     SSL_peek call, to cause an infinite loop, resulting in a     denial of service condition. (CVE-2016-6305)

  - An out-of-bounds read error exists in the OpenSSL     component in the certificate parser that allows an     unauthenticated, remote attacker to cause a denial of     service via crafted certificate operations.
    (CVE-2016-6306)

  - A denial of service vulnerability exists in the OpenSSL     component in the state-machine implementation due to a     failure to check for an excessive length before     allocating memory. An unauthenticated, remote attacker     can exploit this, via a crafted TLS message, to exhaust     memory resources. (CVE-2016-6307)

  - A denial of service vulnerability exists in the OpenSSL     component in the DTLS implementation due to improper     handling of excessively long DTLS messages. An     unauthenticated, remote attacker can exploit this, via a     crafted DTLS message, to exhaust available memory     resources. (CVE-2016-6308)

  - A remote code execution vulnerability exists in the     OpenSSL component in the read_state_machine() function     in statem.c due to improper handling of messages larger     than 16k. An unauthenticated, remote attacker can     exploit this, via a specially crafted message, to cause     a use-after-free error, resulting in a denial of service     condition or possibly the execution of arbitrary code.
    (CVE-2016-6309)

  - A denial of service vulnerability exists in the OpenSSL     component in x509_vfy.c due to improper handling of     certificate revocation lists (CRLs). An unauthenticated,     remote attacker can exploit this, via a specially     crafted CRL, to cause a NULL pointer dereference,     resulting in a crash of the service condition.
    (CVE-2016-7052)

  - An unspecified flaw exists in the Discovery Framework     subcomponent that allows an unauthenticated, remote     attacker to cause a denial of service condition.
    (CVE-2017-3518)

The remote OracleVM system is missing necessary patches to address critical security updates :

  - fix CVE-2016-2177 - possible integer overflow

  - fix CVE-2016-2178 - non-constant time DSA operations

  - fix CVE-2016-2179 - further DoS issues in DTLS

  - fix CVE-2016-2180 - OOB read in TS_OBJ_print_bio

  - fix CVE-2016-2181 - DTLS1 replay protection and     unprocessed records issue

  - fix CVE-2016-2182 - possible buffer overflow in     BN_bn2dec

  - fix CVE-2016-6302 - insufficient TLS session ticket HMAC     length check

  - fix CVE-2016-6304 - unbound memory growth with OCSP     status request

  - fix CVE-2016-6306 - certificate message OOB reads

  - mitigate CVE-2016-2183 - degrade all 64bit block ciphers     and RC4 to 112 bit effective strength

  - replace expired testing certificates

  - fix CVE-2016-2105 - possible overflow in base64 encoding

  - fix CVE-2016-2106 - possible overflow in     EVP_EncryptUpdate

  - fix CVE-2016-2107 - padding oracle in stitched AES-NI     CBC-MAC

  - fix CVE-2016-2108 - memory corruption in ASN.1 encoder

  - fix CVE-2016-2109 - possible DoS when reading ASN.1 data     from BIO

  - fix CVE-2016-0799 - memory issues in BIO_printf

Several vulnerabilities were discovered in OpenSSL :

CVE-2016-2177

Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithme tic/

CVE-2016-2178

Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code.

CVE-2016-2179 / CVE-2016-2181

Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS.

CVE-2016-2180 / CVE-2016-2182 / CVE-2016-6303

Shi Lei discovered an out-of-bounds memory read in TS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec() and MDC2_Update().

CVE-2016-2183

DES-based cipher suites are demoted from the HIGH group to MEDIUM as a mitigation for the SWEET32 attack.

CVE-2016-6302

Shi Lei discovered that the use of SHA512 in TLS session tickets is susceptible to denial of service.

CVE-2016-6304

Shi Lei discovered that excessively large OCSP status request may result in denial of service via memory exhaustion.

CVE-2016-6306

Shi Lei discovered that missing message length validation when parsing certificates may potentially result in denial of service.

For Debian 7 'Wheezy', these problems have been fixed in version 1.0.1t-1+deb7u1.

We recommend that you upgrade your openssl and libssl1.0.0 packages.

NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

This update for openssl fixes the following issues :

OpenSSL Security Advisory [22 Sep 2016] (bsc#999665)

Severity: High

  - OCSP Status Request extension unbounded memory growth     (CVE-2016-6304) (bsc#999666)

Severity: Low

  - Pointer arithmetic undefined behaviour (CVE-2016-2177)     (bsc#982575)

  - Constant time flag not preserved in DSA signing     (CVE-2016-2178) (bsc#983249)

  - DTLS buffered message DoS (CVE-2016-2179) (bsc#994844)

  - OOB read in TS_OBJ_print_bio() (CVE-2016-2180)     (bsc#990419)

  - DTLS replay protection DoS (CVE-2016-2181) (bsc#994749)

  - OOB write in BN_bn2dec() (CVE-2016-2182) (bsc#993819)

  - Birthday attack against 64-bit block ciphers (SWEET32)     (CVE-2016-2183) (bsc#995359)

  - Malformed SHA512 ticket DoS (CVE-2016-6302) (bsc#995324)

  - OOB write in MDC2_Update() (CVE-2016-6303) (bsc#995377)

  - Certificate message OOB reads (CVE-2016-6306)     (bsc#999668)

More information can be found on:
https://www.openssl.org/news/secadv/20160922.txt

Also following bugs were fixed :

  - update expired S/MIME certs (bsc#979475)

  - improve s390x performance (bsc#982745)

  - allow >= 64GB AESGCM transfers (bsc#988591)

  - fix crash in print_notice (bsc#998190)

  - resume reading from /dev/urandom when interrupted by a     signal (bsc#995075)

This update was imported from the SUSE:SLE-12-SP1:Update update project.

The version of OpenSSL installed on the remote host is prior to 1.0.1u. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1u advisory.

  - Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a     allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request     extensions. (CVE-2016-6304)

  - The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to     cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c     and s3_srvr.c. (CVE-2016-6306)

  - Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows     remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have     unspecified other impact via unknown vectors. (CVE-2016-6303)

  - The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size     during validation of the ticket length, which allows remote attackers to cause a denial of service via a     ticket that is too short. (CVE-2016-6302)

  - The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries     associated with unused out-of-order messages, which allows remote attackers to cause a denial of service     (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c,     statem_dtls.c, statem_lib.c, and statem_srvr.c. (CVE-2016-2179)

  - The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new     epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial     of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and     ssl3_record.c. (CVE-2016-2181)

  - The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division     results, which allows remote attackers to cause a denial of service (out-of-bounds write and application     crash) or possibly have unspecified other impact via unknown vectors. (CVE-2016-2182)

  - The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp     Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of     service (out-of-bounds read and application crash) via a crafted time-stamp file that is mishandled by the     openssl ts command. (CVE-2016-2180)

  - The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure     the use of constant-time operations, which makes it easier for local users to discover a DSA private key     via a timing side-channel attack. (CVE-2016-2178)

  - OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might     allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly     have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c,     and t1_lib.c. (CVE-2016-2177)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its banner, the version of OpenSSL on the remote host is 1.0.1 prior to 1.0.1u, or 1.0.2 prior to 1.0.2i.  It is therefore affected by the following vulnerabilities :

 - A flaw exists in 'ssl/s3_srvr.c', 'ssl/ssl_sess.c', and 'ssl/t1_lib.c' that may under certain circumstances lead to integer overflows and allow an attacker to have an unspecified impact. (CVE-2016-2177)
 - A flaw exists in 'crypto/dsa/dsa_ossl.c' that is triggered as the DSA signing algorithm does not properly run in constant time.  This may potentially allow a context-dependent attacker to conduct e.g. a side channel attack and gain unauthorized access to DSA key information. (CVE-2016-2178)
 - A flaw exists that is due to the system not handling fragmented DTLS buffered messages correctly.  There are two scenarios where messages could result in the queue not being cleared and memory not being freed.  The first occurs when a full message is received after a fragment of the same message, and the system uses the full message while ignoring the fragmented message without removing it from queue.  The second occurs when a peer sends a 'future' message with extraneous packets containing a sequence number higher than the Finished message, resulting in the packets not being removed from queue.  With a saturation of either type of message, a remote attacker can exhaust up to 1500k of memory per connection, exhausting memory leading to a remote denial of service. (CVE-2016-2179)
 - An out-of-bounds read flaw exists in the 'TS_OBJ_print_bio()' function in 'crypto/ts/ts_lib.c'.  This may allow a context-dependent attacker to have an unspecified impact that may potentially include crashing a process linked against the library or disclosing memory contents. (CVE-2016-2180)
 - A flaw exists in the DTLS implementation that is triggered when handling epoch sequence numbers in records.  This may allow a remote attacker to cause legitimate packets to be dropped. (CVE-2016-2181)
 - An overflow condition exists in the 'BN_bn2dec()' function in 'crypto/bn/bn_print.c'.  The issue is triggered as certain input is not properly validated when handling BIGNUM values. This may allow a context-dependent attacker to cause a buffer overflow, resulting in a denial of service in a process linked against the library. (CVE-2016-2182)
 - A flaw exists in the 'tls_decrypt_ticket()' function in 'ssl/t1_lib.c' that is triggered during the handling of ticket HMAC digest.  This may allow a remote attacker to crash the service. (CVE-2016-6302)
 - An overflow condition exists in the 'MDC2_Update()' function in 'crypto/mdc2/mdc2dgst.c' that is triggered as certain input is not properly validated.  This may allow a context-dependent attacker to cause a heap-based buffer overflow, crashing a process linked against the library or potentially allowing the execution of arbitrary code. (CVE-2016-6303)
 - A flaw exists in the 'ssl_parse_clienthello_tlsext()' function in 'ssl/t1_lib.c' that is triggered when handling overly large OCSP Status Request extensions from clients.  This may allow a remote attacker to exhaust available memory in a process linked against the library. (CVE-2016-6304)
 - An out-of-bounds read flaw exists that is triggered when handling client certificate, client certificate request, and server certificate messages.  This may allow a remote attacker to potentially crash a process linked against the library. (CVE-2016-6306)

The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	Name	Product	Family	Published	Updated	Severity
94167	MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)	Nessus	Databases	10/20/2016	11/14/2019	critical
96145	IBM BigFix Remote Control < 9.1.3 Multiple Vulnerabilities (SWEET32)	Nessus	CGI abuses	12/27/2016	11/13/2019	critical
99594	Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (April 2017 CPU) (SWEET32)	Nessus	Misc.	4/21/2017	4/11/2022	critical
93761	OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0135)	Nessus	OracleVM Local Security Checks	9/28/2016	1/4/2021	critical
93690	Debian DLA-637-1 : openssl security update	Nessus	Debian Local Security Checks	9/26/2016	1/11/2021	critical
93783	openSUSE Security Update : openssl (openSUSE-2016-1134)	Nessus	SuSE Local Security Checks	9/28/2016	1/19/2021	critical
93814	OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities	Nessus	Web Servers	9/30/2016	10/23/2024	critical
9625	OpenSSL 1.0.1 < 1.0.1u / 1.0.2 < 1.0.2i Multiple Vulnerabilities	Nessus Network Monitor	Web Servers	10/6/2016	3/6/2019	high
503114	Siemens SCALANCE X-200RNA Switch Devices Observable Discrepancy (CVE-2016-2178)	Tenable OT Security	Tenable.ot	3/13/2025	3/13/2025	medium

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical

high

medium